Pages:
Author

Topic: Additional Protection For Seed Backup. (Read 504 times)

member
Activity: 116
Merit: 14
September 18, 2019, 05:11:49 AM
#23
Please make a digital copy of your seed as it may decreses the security of your hardware wallet.
Keep your seed in safe with limited access.
Don't type your seed phrase on any website keep it safe.
If it is possible then try to keep your seed phrase with a password you can also enable two factor for this.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
September 17, 2019, 05:40:35 AM
#22
The issue of writing private keys or seed words on paper has taught me a big lesson that I can't forget easily. I lost all my tokens because of that, now I can't find where I kept my private keys. It happens that my phone got formatted due to steady optimization that couldn't stop. It's not about hiding your private keys, it's about keeping it where you can remember it easily

Why backup if it does not fulfill the basic purpose, to recover your coins in times when something unforeseen happens? Such things should not be forgotten, same as a mistake to keep cryptocurrency in phone wallet. It is not only about hiding, it is about how to make it safe, and maybe confusing if someone finds it. 12 or 24 words with a notice "This is my crypto wallet backup" will very likely be enough for the complete ignorant to understand what this is all about.

However you do not need to give up, your backup is existing somewhere, and if you try hard enough you might find it.
member
Activity: 87
Merit: 27
September 17, 2019, 05:06:55 AM
#21
The issue of writing private keys or seed words on paper has taught me a big lesson that I can't forget easily. I lost all my tokens because of that, now I can't find where I kept my private keys. It happens that my phone got formatted due to steady optimization that couldn't stop. It's not about hiding your private keys, it's about keeping it where you can remember it easily

As I said earlier,

For protecting your Seed, you can use "Passphrase" which can be used as a 2FA for your wallet. In addition to a seed, there will be an extra password called Passphrase to unlock your seed. Some wallets also call this as "seed extension". Passphrase will be used as an extension to a Seed. We need to remember both of them to unlock a wallet.

I think, we can keep the Seed(will be 12 or 24 letters long) safely in a laminated paper and store it in a bank locker. And we can remember the passphrase(13th or 25th letter in a seed) in our mind. Even if the Seed is lost or stolen, they cannot open the seed without a Passphrase. This would be a good idea to store the cryptos safely in a cold storage wallet that supports this feature. Some of the wallets that supports this feature are Ledger Nano S, Trezor wallet etc.

you could have used a wallet that supports Passphrase where you need have to remember the entire Seed. You just have to remember the seed extension rather than the whole seed.

In your case, you could have kept the paper(which contain seed) in your bank locker. It would be safe to keep it in a bank locker rather than keeping at a place where you don't remember.
member
Activity: 672
Merit: 29
September 17, 2019, 04:43:44 AM
#20
The issue of writing private keys or seed words on paper has taught me a big lesson that I can't forget easily. I lost all my tokens because of that, now I can't find where I kept my private keys. It happens that my phone got formatted due to steady optimization that couldn't stop. It's not about hiding your private keys, it's about keeping it where you can remember it easily
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
August 17, 2019, 06:59:05 PM
#19
Since Electrum doesn't allow to add passwords to seeds, ...
yes electrum doesn't follow bip39 standard,
but electrum supports importing bip39 seed with bip39 passphrase (electrum called it seed extension)

in addition to bip39 passphrase, how about leaving small amount bitcoin in the same seed non-bip39-pass wallet
so when a thief found only the seed, he finds only the small amount in the fake wallet
and extra customization to fool thief by changing the default wallet account number (0) to some number (157)
so, you need to write down seed mnemonic in one place, and bip39 pass and account number in another place
to make it easier to memorize you could use your address, but preferable other things that you can easily remember
for eg 157 broadway to be used as account number and bip39 pass
legendary
Activity: 3024
Merit: 2148
August 17, 2019, 12:21:49 PM
#18
Since Electrum doesn't allow to add passwords to seeds, I've came up with an idea how to encrypt your seeds while still maintaining the mnemonic form. You generate a seed and use it as your wallet, then you generate as second seed - it will be used as key. To encrypt the wallet seed, you take the indexes of words and add them modulo 2048 - you get a new list of 12 words which will be your ciphertext. This ciphertext might not be a working Electrum seed because of the checksums. To decrypt your seed, you simply do the same operation with the key seed and the ciphertext words. Unless I'm missing something, this should be sufficiently secure.
legendary
Activity: 2128
Merit: 1293
There is trouble abrewing
August 17, 2019, 12:01:28 PM
#17
For protecting your Seed, you can use "Passphrase" which can be used as a 2FA for your wallet. In addition to a seed, there will be an extra password called Passphrase to unlock your seed. Some wallets also call this as "seed extension". Passphrase will be used as an extension to a Seed. We need to remember both of them to unlock a wallet.

this was a good suggestion but calling it "2FA" is very misleading because what it does is very different. the term "seed extension" is the best word for it since what you do is basically adding some random bytes of the length of your password to your salt so that you can derive a different key from PBKDF2 key derivation function, a key that will then be used as the BIP32 entropy.
so depending on the strength of the password it can become impossible to brute force. but using a weak one can mean an easily breakable one.
member
Activity: 87
Merit: 27
August 17, 2019, 01:03:49 AM
#16
For protecting your Seed, you can use "Passphrase" which can be used as a 2FA for your wallet. In addition to a seed, there will be an extra password called Passphrase to unlock your seed. Some wallets also call this as "seed extension". Passphrase will be used as an extension to a Seed. We need to remember both of them to unlock a wallet.

I think, we can keep the Seed(will be 12 or 24 letters long) safely in a laminated paper and store it in a bank locker. And we can remember the passphrase(13th or 25th letter in a seed) in our mind. Even if the Seed is lost or stolen, they cannot open the seed without a Passphrase. This would be a good idea to store the cryptos safely in a cold storage wallet that supports this feature. Some of the wallets that supports this feature are Ledger Nano S, Trezor wallet etc.
legendary
Activity: 3472
Merit: 10611
August 16, 2019, 11:04:26 PM
#15
Things will be much worse with seeds.

but the difference between password and seed is that your password contains any character and is random but seed words are limited known strings that are chosen in a way that are different enough from each other that it nearly removes the possibility of mistakes. for example there aren't that many ways you could write down a word like "abandon", even if you made a spelling mistake (abondan) you still could figure out what the word was and correct it. that is not the case with passwords so if anything things are better for seeds!
not to mention you could always print your seed (or rather encrypted seed) on paper and eliminate spelling mistakes.
hero member
Activity: 2366
Merit: 838
August 16, 2019, 10:27:44 PM
#14
the problems with recovering it in the future are always about remembering what you did. what i said was meant as a general rule for different things people come up with and then forget about it after some years pass.
It is a bit off-topic, but I had bad experienced when I changed my forum account's password weeks ago.
Different displayed signals of password change/ reset.
Wrote down the new password, not sure I wrote it wrongly with only one number (I guess); then hours later I could not log in my account.
Then, I had to reset my password through email. Anyway, from my bad experience, I knew that forum has two types of display in profile page to warn two types of password changes (change/ reset through email)
I checked, and only saw the first warning:
Quote
This user's password was reset recently.
The warning in second line dissappeared
Quote
This user changed his/ her password recently
I guess password reset will be displayed in profile page longer. Are there known details about it?


Things will be much worse with seeds.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
August 16, 2019, 10:26:31 AM
#13
Just for additional security I'll intentionally switch the positions of the numbers or omits writing some (that I won't easily forget) to make the decoding more difficult for the hackers. That's lets say after converting the backup seeds (words) to numbers, I'll switch the numbers in a way only I can understand making it more difficult incase the hacker succeed in decoding the numbers back to words understanding that hackers are also aware of this information you just shared.  
Whatever you do to backup your seeds, you should have a note on procedure to recover your seed later. Especially, if you move further by encrypting your seeds in your own ways. I mean secondary encryption, and likely further. The more complicated steps you do with your seeds backup, the more carefulness you have to prepare for your future restoration.
Moreover, you should choose the most important person in your life, then tell him or her how to restore your funds from those seeds, in all detailed steps.
That is stupid to over-complicated seed backup, and then you forget steps to restore it, or in worst cases (health issues, dementia, eg. , you or no one in your family, even your wilfe, husband, children can retrieve your fund back.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
August 16, 2019, 08:51:30 AM
#12
~snip~

If some user is decide to replace words with numbers (without mix them in any way) this should be something that he /she should remember, it is not some high science. It is true that 12 or 24 numbers just written in sequence can intrigue someone to try to find out what it is about, but it will take some time for them to link numbers with words. In case of thieves who rob us with a deliberate purpose to get our coins, I doubt they will not crack any usual protection in a way they will tearing everything apart to find that information.

Seed can be hidden in some to do list like this, and only people who are targeting such information can suspect this is not genuine list of your debts. For extra confusion we can add few more names (after last name/number) in list to brake connection with 12 seed words.
 
List of people I owe money to :

Mary : $5
Bob :  $39
Tom : $27
Alice : $72
Harry : $121
Brandon : $155
Mandy : $207
John : $285
Robin : $317
Madison : $355
Walden : $435
Daisy : $509

Seed (12 words) hidden in this numbers would be : above / age / addict / angry / audit / battle / border / castle / chest / clump / curve / display


legendary
Activity: 3472
Merit: 10611
August 15, 2019, 11:21:15 PM
#11
pooya87&LoyceV, I did not think on any coding here, but just on paper or steel plate with numbers that representing seed words, so what can go wrong with that?

the problems with recovering it in the future are always about remembering what you did. what i said was meant as a general rule for different things people come up with and then forget about it after some years pass.
maybe nothing goes wrong with recovering from this format but the problem is that it is not adding any real additional "protection". if someone could gain physical access to this, then they may also guess it is a wallet mnemonic written in another format (12 random numbers all smaller than 2048 could be a good indicator). it is always a comparison of what was gained and what complications were added. i'd say in this case both are small but the complication is more than the gain.
legendary
Activity: 3024
Merit: 2148
August 15, 2019, 06:07:15 PM
#10
If someone knows you are a Bitcoin user, and they steal your seed in some hidden form, there's a good chance that they will be able to crack it, perhaps with a help of a pro cryptographer/codebreaker. If you are not using strong cryptography to protect your secrets and try to invent your own schemes, there's like 99.9% chance it will fail. I think I even saw a subreddit where people post codes and puzzles that yield Bitcoin private keys when solved. All these advices with switching positions, substituting with numbers, etc. - they can easily become footguns that will lock some people out of their coins.

Better just use a wallet that derives private keys from mnemonic seed and a password, if your password is strong enough, the thief won't be able to steal your coins, and you'll have enough time to move your coins to a new wallet.
legendary
Activity: 2268
Merit: 18711
August 15, 2019, 05:07:41 PM
#9
 
I don't easily forget that's why I won't mind omitting some numbers on purpose to create additional security to my encoded backup seeds.
You don't easily forget at the moment. Are you willing to bet all your bitcoin that you won't forget in 1, 5, or 10 years? Or suffer some head trauma or injury? Or a stroke? Or an aneurysm? Or an infection? Or any number of other things which can affect your memory.

Leaving out a word or two is brute forceable. If you've converted your whole phrase to numbers, leaving out a number or two could change the entire sequence beyond what is brute forceable, rendering you unable to ever recover your coins. If you are going to use a method like this, I would highly recommend you either tell a close relative about it, or write down the steps and store them separately to your encoded phrase.
legendary
Activity: 2408
Merit: 4282
eXch.cx - Automatic crypto Swap Exchange.
August 15, 2019, 06:22:19 AM
#8
Just for additional security I'll intentionally switch the positions of the numbers or omits writing some (that I won't easily forget) to make the decoding more difficult for the hackers. That's lets say after converting the backup seeds (words) to numbers, I'll switch the numbers in a way only I can understand making it more difficult incase the hacker succeed in decoding the numbers back to words understanding that hackers are also aware of this information you just shared.  

Not advising anyone to do as I just said simple because you saw the suggestion from me, I don't easily forget that's why I won't mind omitting some numbers on purpose to create additional security to my encoded backup seeds. I just learnt something new thanks @Lucius.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
August 15, 2019, 05:31:32 AM
#7
My intention was just to show that each word on seed list can be written on paper or carved in any other material in the form of numbers, and that number 1 will always be the same as word abandon.

pooya87&LoyceV, I did not think on any coding here, but just on paper or steel plate with numbers that representing seed words, so what can go wrong with that? I also say that it is not smart to mix seed words or in this case numbers, I am fully aware that people forget over time and such backup can be big problem, in some cases completely useless.

bitmover&o_e_l_e_o, regarding inherit, this changing seed words system only need simple link to word list, with that it is easy to connect numbers with words. I was just thinking that in case seed falling into the wrong hands, can confuse someone to not understand what this is really about. It is also much easier to engrave numbers on steel plate then words.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
August 15, 2019, 03:29:56 AM
#6
Such numbers can then be saved in any form and will not look like something important if they fall into the wrong hands. For example, it is possible to make a mathematical equation and use numbers representing seed words, or to make fake telephone numbers from such numbers.
If you do this, you should test your backup before funding it. Start from scratch, with just the code you've written down, and start searching for everything you need to reproduce it. Go all the way from seed to private keys to ensure you have everything you need to recover your funds.
Obviously, you need to take safety precautions when doing this, such as using an offline Linux LIVE DVD that runs from RAM.

I've seen several posts from people who are unable to restore their backup because of the mistakes they made writing down codes.
Seed words have some redundancy built in, if you convert them to numbers that's lost.

so if you ended up "inventing" a new way then at least make sure you test it multiple times to see if you can recover your secrets (in this case mnemonic phrase) using that method.
Being truely paranoid, I always test the "conventional" backups too, preferrably with different applications to ensure it doesn't rely on just one specific version.
legendary
Activity: 3472
Merit: 10611
August 15, 2019, 12:14:24 AM
#5
let me start by saying that it is always best that you don't try to invent new ways of protecting secret information. instead you should always stick to the common ways that are tested and standardized. meaning if you want to protect your seed then simply encrypt it with a strong password and then create a back of the encrypted result and the password you used for encryption (separately).

so if you ended up "inventing" a new way then at least make sure you test it multiple times to see if you can recover your secrets (in this case mnemonic phrase) using that method. for instance in this case:
giraffe is related to number 786, and word benefit is related to number 170.
these words actually represents different numbers: 785 and 169 respectively because these are "indexes" and indexes start from zero. so when recovering it in the future and writing a code to do it, you may end up with a wrong seed if you weren't careful. because the code would look like something like this:
Code:
listOfAllWords = readFile(english.txt)
string[] mySeed = new string[12]
mySeed[0] = listOfAllWords[786]
Print(mySeed[0]) => girl

or like this case:
https://bitcointalksearch.org/topic/math-problem-regarding-recovery-seed-5093310
the user swapped word positions and had trouble when he wanted to recover his coins later on.
legendary
Activity: 2268
Merit: 18711
August 14, 2019, 08:11:44 PM
#4
There are two additional ways to protect your mnemonic phrase from thieves or attackers.

The first is to stop someone from finding it. This means storing it somewhere safe. Lots of people use safe deposit boxes at banks. A safe in your own house which is bolted to the ground/wall or encased in concrete will be hard to steal from, but is an obvious target for an attacker. There are many places you could hide a mnemonic phrase that would almost never be found by a thief in your house. A small piece of paper can be hidden behind an electrical socket, in a light fitting, under the floorboards or carpets, inside a vent, etc. You could write it on the underside of a chest of drawers, a bookcase, or even the bottom of a door.

The second way is to stop the thief from realizing what it is or deciphering it if they do find it. Numbers or foreign words are one option. Other users have described writing a story containing their words, using their own code, swapping words around, shifting all the words by x number of places in a dictionary, and so forth.

All of these are great, but you run in to two problems. One is that of inheritance as bitmover has discussed above. The other is that of you forgetting how to access your seed yourself. Will you remember the system you used in a month, a year, or a decade? Recovering from your seed isn't something you do every day like type in a password. Can you remember a phone number you dialed once or twice ten years ago?
Pages:
Jump to: